Tag Archives: corporate communications

Astroturfers Revisited

Good piece (video) by Jon Ronson about astroturfing:

Esc and Ctrl: Jon Ronson investigates astroturfing – video

In the second part of Jon Ronson’s series about the struggle for control of the internet, he looks at online astroturfing – when unpopular institutions post fake blogs to seem more favourable. He meets the former vice president of corporate communications for US healthcare company Cigna, who confirms his involvement in this kind of activity

He talks about the “death panels”: the Cigna whistleblower, Wendell Potter [Wikipedia] tells him that the company created lots of fake blogs and groups, all of which have since disappeared, including from archive.org, to get the issue going. Looking at a google search trend of the term “death panels”, you can see how it appears from nowhere so suddenly:

image

I’ve not seen an issue spring from nothing to the max quite like that for a while.

No question that we don’t really know just how widespread this is. It’s good that Ronson, whom I greatly admire, is on the case. Should be entertaining and revealing too.

Here’s some stuff I’ve written about this in the past:

The Real Conversation I’ve grown increasingly skeptical of the genuineness of this conversation: as PR gets wise, as (some) bloggers get greedy and (other) bloggers lose sight of, or fail to understand the need to maintain some ethicaleboundaries, the conversation has gotten skewed. I’m not alone in this, although cutting through to the chase remains hard. The current case of the Wal-Mart/Edelman thang, where the chain’s PR firm reportedly sponsored a blog about driving across America and turned it into a vehicle (sorry) to promote Wal-Mart, helps bring clarity to some issues, or at least to highlight the questions.

Social Media and Politics- Truthiness and Astroturfing Just how social is social media? By which I mean: Can we trust it as a measure of what people think, what they may buy, how they may vote? Or is it as easy a place to manipulate as the real world.

Discerning Porn Merchants And Rogue Dialers

Malaysia is feeling the heat from the rogue dialer, or Internet dumping, scammers. The Malaysian Communications & Multimedia Commission (MCMC) said on Wednesday in TechCentral that most of the victims had been unwittingly downloading the offending software while surfing porn sites:

“Since it occurs mostly on adult and entertainment sites, we would like to urge users to be more discerning when accessing these sites as it may result in high IDD (international direct dial) call charges,” said Adelina Iskandar, head of corporate communications at MCMC.

I rather like the idea of trying to be more discerning while surfing for porn. I suspect that by the time the person has decided to head for those kind of sites, the need to be discerning is somewhat low on his list of priorities.

Anyway, it seems as if Malaysia’s main problem is coming from Papua New Guinea, where most of the international calls are getting routed to. In its latest effort to curb this problem, The Star’s TechCentral reports, Telekom  Malaysia will be blocking all IDD calls to Papua New Guinea as most of these sites are hosted there. Effective immediately, customers who wish to make calls to Papua New Guinea will have to call 108, Operator Assisted International Services, for their calls to be connected.

Banks, Phishing And A Dereliction Of Responsibility

Online commerce suffers from one major flaw: It’s online. That means we need to use computers (or computer-like devices, such as cellphones). It means we need to use the Internet. Together this is a lethal cocktail. And for online banking, it just may mean it is fatal.

Online banking, for example, is not like using an ATM. Or a credit card. Or a cheque. Or even cash. All these types of transaction are vulnerable to fraud but they are relatively easy to protect yourself against. If you lend your credit card, cheque book or ATM card to strangers then you are probably not taking the right precautions. For banks, deciding whether you as a customer have taken ‘reasonable precautions’ is quite an easy calculation to make, and they will make it in assessing whether or not they will compensate you for losses.

But what about phishing? Online fraud is — and will become — a lot more complex than offline fraud. Firstly, most folk don’t really know what’s going on in their computer, so how can they take reasonable precautions? I bet, for example, that if you ask most people to identify the icons in their system tray they won’t be able to get all of them. Secondly, if you use broadband, you are connected to the Internet most of the time. It’s a bit like hanging out overnight on a street corner in a bad part of town: You can’t reasonably assume that you won’t attract the attention of some bad guy at some point.

These are calculations of risk the individual should make when he or she conducts any kind of transaction online. But they are hard. We can look around for suspicious type when we stand at an ATM machine, or hand over a credit card to a store clerk, but online we have no really easy way to measure our security and safety. Online banking is not the same as undertaking other transactions.

Which is why I think banks are wrong if they try to pretend it is. The BBC quotes Britain’s payments association, the Association for Payment Clearing Services (APACS) as saying that in a few years’ time “compensation could be denied if people had safety information but ignored it”. Apacs director of corporate communications Sandra Quinn is quoted thus: “What we have always said is that we won’t forever provide a guarantee. A good parallel might be with something like card fraud – if you act reasonably, you are covered.” The bottom line: where a customer had “not acted with care and been negligent”, the BBC quotes her as saying, banks in three or four years’ time could begin refusing refunds.

I’m sorry, but I think this is daft and the wrong way around. Banks were very, very slow to get off the mark over phishing. If I was a customer and had been phished I would have sued the pants off my bank for not warning me about it. Banks have a duty to monitor their website, their name, in fact the whole Internet, to protect their customers. For example, one company I spoke to gave me a list of website names registered that appeared designed to impersonate legitimate banks — Citibank was a favourite, with hundreds of names that could be mistaken for a legit Citibank site. Most banks, he told me, weren’t interested in subscribing to this service. Why? Because they didn’t feel monitoring these names — and the accompanying websites — was worth their time or their money. If I was a customer I would be livid: If a scammer set up a fake bank in the high street to defraud customers, you would hope the bank in question would be on top of it within seconds, warning customers everywhere to watch out and doing its damndest to close the operation down. The Internet is now the high street and banks need to start patrolling it, not ignoring it.

Sadly, I think banks still don’t get it. They think phishing is a static problem that will recede as more people know about it. But that’s not it at all. Phishing is the thin end of a new wedge that will lead to increasingly sophisticated efforts to use technology and social engineering to part consumers with their data and money. The banks’ role is not to put a few silly little warning notices on their website and set up silly little websites nobody visits (like this one) but to throw serious resources at protecting their customers: by building secure sign-on systems, by monitoring the bad guys, by offering well-staffed and accessible customer support hotlines. Anything less is a dereliction of responsibility.